Vulnerabilities

Report: - Totolink A7100RU CGI cstecgi.cgi setDmzCfg os command injection CVE-2026-5975

2026-04-09 0 views admin

CVE ID :CVE-2026-5975 Published : April 9, 2026, 8:16 p.m. | 51 minutes ago Description :A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument wanIdx leads to os command injection. The attack may be performed from remote. The exploit is publicly available and might be used. Severity: 10.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-5975

Severity

HIGH

Published

April 9, 2026

Impact: command injection

🏷️ Tags

reporttotolinka7100rucstecgisetdmzcfgcommandinjectionpublishedcvecve-2026-5975

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: - Totolink A7100RU CGI cstecgi.cgi setDmzCfg os command injection CVE-2026-5975

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: CVE-2026-34734 - HDF5: H5T__conv_struct Use After Free - Analysis

Report: Essential Guide: CVE-2026-34500 - Apache Tomcat: OCSP checks sometimes soft-fail with FFM even when soft-fail is d...

Report: Complete Guide to CVE-2026-34487 - Apache Tomcat: Cloud membership for clustering component exposed the Kubernetes ...

Report: CVE-2026-34486 - Apache Tomcat: Fix for CVE-2026-29146 allowed bypass of EncryptInterceptor

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting